Properly managing IIoT systems to prevent cyberattacks

According to the McKinsey Global Institute, the impact of IoT will be felt most in the industrial internet of things (IIoT). The market for IIoT in factories alone is expected to be worth up to $3.7 trillion per year by 2025. The ultimate aim of IIoT, or smart manufacturing, is to create robust ecosystems where thousands of individual remote smart devices work together securely.

One of the top challenges of IIoT is keeping valuable business data secure. Cyberattacks against IIoT systems and critical network infrastructure have severe consequences, putting world governments on high alert.

The U.S. Department of Homeland Security recently published guidelines to “provide a strategic focus on security and enhance the trust framework that underpins the IoT ecosystem.” The document is the first attempt to provide clear cybersecurity guidance to organizations implementing IIoT.

The Department of Homeland Security asks organizations to weigh the risks following a possible breach or device failure against the costs of limiting internet connectivity. For instance, continuous network access may be convenient, but is it strictly necessary in the context of what the device does? A nuclear reactor with a continuous connection to the internet carries too great a risk because the connection also opens the door to a network intrusion.

Defense-in-depth strategies

IIoT organizations are advised to adopt a defense-in-depth approach to help them stay ahead of privacy and security risks.

First, understand exactly what the device does. Without a full appreciation of the function and scope of each individual device, organizations run the risk of activating direct connections to the internet when they are not strictly needed.

Next, make a conscious decision about every IIoT connection. Connect to a local network to allow the content of critical information to be analyzed before it is sent. Industrial control systems are complex and it is essential to protect them using defense-in-depth principles.

Lastly, build in remote management capabilities. Manufacturers, critical network infrastructures and service providers must be able to disable network connections or specific ports remotely when needed.

Protecting IIoT systems

IIoT promises to bring invaluable benefits to industrial enterprises in terms of process efficiencies, automation, scalability and cost savings. However, despite their vital contribution, IIoT systems are often not managed properly and security remains a major risk. Cybercriminals actually regard IIoT systems as the most vulnerable point in an organization’s network.

Full protection of remote connections on IIoT systems is best achieved with virtual private network (VPN) software. VPNs form a secure connection at the remote IIoT gateway, integrating seamlessly with existing infrastructure and encrypting all data traffic passing to and from individual devices.

NCP engineering recommends that IIoT organizations give careful consideration to on-demand/always-on access along with command line or API control. Additionally, authentication in the form of software/hardware network certification, along with central management for remotely configuring devices, should be enforced.

In summary, enterprises must take adequate precautions to manage and protect data related to IIoT or machine-to-machine security. Securing every necessary remote connection with VPN management will make it possible for enterprises to stay ahead of future cybersecurity threats.

Julian Weinberger, Director of Systems Engineering, CISSP - NCP engineering, has over 10 years of experience in the networking and security industry, as well as expertise in SSL VPN, IPsec, PKI, and firewalls.

